From 22edd87755ae3284fe1c1a990f3237658a15f5a1 Mon Sep 17 00:00:00 2001
From: David Benjamin
Date: Thu, 4 Aug 2016 21:38:40 +0000
Subject: [PATCH] Resolve a small handful of size_t truncation warnings.

This is very far from all of it, but I did some easy ones before I got bored. Snapshot the progress until someone else wants to continue this.

BUG=22

Change-Id: I2609e9766d883a273e53e01a75a4b1d4700e2436
Reviewed-on: https://boringssl-review.googlesource.com/9132
Reviewed-by: Adam Langley
Commit-Queue: Adam Langley
CQ-Verified: CQ bot account: commit-bot@chromium.org
---
 crypto/base64/base64.c     | 16 ++++++++++------
 crypto/bytestring/cbb.c    |  8 ++++----
 crypto/cipher/e_ssl3.c     |  6 +++---
 crypto/ecdh/ecdh.c         |  8 +++++++-
 crypto/obj/obj.c           |  6 +++++-
 crypto/poly1305/poly1305.c |  6 +++---
 crypto/rand/windows.c      |  2 +-
 include/openssl/stack.h    |  2 +-
 8 files changed, 34 insertions(+), 20 deletions(-)

diff --git a/crypto/base64/base64.c b/crypto/base64/base64.c
index 0763a3e4..a74c3f55 100644
--- a/crypto/base64/base64.c
+++ b/crypto/base64/base64.c
@@ -111,7 +111,7 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, uint8_t *out, int *out_len,
 
   if (sizeof(ctx->data) - ctx->data_used > in_len) {
     memcpy(&ctx->data[ctx->data_used], in, in_len);
-    ctx->data_used += in_len;
+    ctx->data_used += (unsigned)in_len;
     return;
   }
 
@@ -152,14 +152,14 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, uint8_t *out, int *out_len,
     memcpy(ctx->data, in, in_len);
   }
 
-  ctx->data_used = in_len;
+  ctx->data_used = (unsigned)in_len;
 
   if (total > INT_MAX) {
     /* We cannot signal an error, but we can at least avoid making *out_len
      * negative. */
     total = 0;
   }
-  *out_len = total;
+  *out_len = (int)total;
 }
 
 void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, uint8_t *out, int *out_len) {
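Review bot: The cast `(unsigned)in_len` is lossless only because the enclosing `if` has just established `in_len < sizeof(ctx->data) - ctx->data_used`, and that reasoning is not recorded next to the cast. A one-line comment would spare the next reader from rederiving it: `/* in_len < sizeof(ctx->data) here, so the narrowing cast is lossless. */`. EVP_EncodeUpdate begins and ends outside this hunk.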
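Review bot: `ctx->data_used = (unsigned)in_len;` relies on the whole-block encoding loop above the hunk having reduced `in_len` to fewer than `sizeof(ctx->data)` bytes, but unlike the EVP_EncodeFinal change in this same commit nothing here asserts or documents that bound. Adding `assert(in_len < sizeof(ctx->data));` immediately before the assignment would make the truncation safety checked in debug builds rather than implicit. The `total > INT_MAX` branch now returns `*out_len = 0` even though every byte has already been written to `out`; the existing comment could say so explicitly, since a caller that trusts the count will believe nothing was produced. The loop that establishes the bound is outside the hunk, so I am inferring it from the context lines.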
@@ -172,7 +172,11 @@ void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, uint8_t *out, int *out_len) {
   out[encoded++] = '\n';
   out[encoded] = '\0';
   ctx->data_used = 0;
-  *out_len = encoded;
+
+  /* ctx->data_used is bounded by sizeof(ctx->data), so this does not
+   * overflow. */
+  assert(encoded <= INT_MAX);
+  *out_len = (int)encoded;
 }
 
 size_t EVP_EncodeBlock(uint8_t *dst, const uint8_t *src, size_t src_len) {
@@ -344,7 +348,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, uint8_t *out, int *out_len,
     *out_len = 0;
     return -1;
   }
-  *out_len = bytes_out;
+  *out_len = (int)bytes_out;
 
   if (ctx->eof_seen) {
     return 0;
@@ -434,5 +438,5 @@ int EVP_DecodeBlock(uint8_t *dst, const uint8_t *src, size_t src_len) {
   }
 
   assert(dst_len <= INT_MAX);
-  return dst_len;
+  return (int)dst_len;
 }
diff --git a/crypto/bytestring/cbb.c b/crypto/bytestring/cbb.c
index ff2bc361..0672904a 100644
--- a/crypto/bytestring/cbb.c
+++ b/crypto/bytestring/cbb.c
@@ -221,7 +221,7 @@ int CBB_flush(CBB *cbb) {
     /* For ASN.1 we assume that we'll only need a single byte for the length.
      * If that turned out to be incorrect, we have to move the contents along
      * in order to make space. */
-    size_t len_len;
+    uint8_t len_len;
     uint8_t initial_length_byte;
 
     assert (cbb->child->pending_len_len == 1);
@@ -243,7 +243,7 @@ int CBB_flush(CBB *cbb) {
       initial_length_byte = 0x80 | 1;
     } else {
       len_len = 1;
-      initial_length_byte = len;
+      initial_length_byte = (uint8_t)len;
       len = 0;
     }
 
@@ -262,7 +262,7 @@ int CBB_flush(CBB *cbb) {
 
   for (i = cbb->child->pending_len_len - 1; i < cbb->child->pending_len_len;
        i--) {
-    cbb->base->buf[cbb->child->offset + i] = len;
+    cbb->base->buf[cbb->child->offset + i] = (uint8_t)len;
     len >>= 8;
   }
   if (len != 0) {
@@ -292,7 +292,7 @@ size_t CBB_len(const CBB *cbb) {
 }
 
 static int cbb_add_length_prefixed(CBB *cbb, CBB *out_contents,
-                                   size_t len_len) {
+                                   uint8_t len_len) {
   uint8_t *prefix_bytes;
 
   if (!CBB_flush(cbb)) {
diff --git a/crypto/cipher/e_ssl3.c b/crypto/cipher/e_ssl3.c
index 7dddf242..19d65a95 100644
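Review bot: The new comment justifies `assert(encoded <= INT_MAX)` by talking about `ctx->data_used`, but the variable being asserted is `encoded`, and the link between the two (the encoder output of at most `sizeof(ctx->data)` buffered bytes plus the newline written above) is left for the reader to reconstruct. Rewording it to name the actual chain would make the assertion self-contained: `/* |encoded| is the output for at most sizeof(ctx->data) buffered bytes plus a newline, so it cannot exceed INT_MAX. */`. The call that produces `encoded` is above the hunk, so I am inferring its bound from the context lines.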
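Review bot: `initial_length_byte = (uint8_t)len;` in the final `else` branch is lossless only because every `len > 0x7f` has already been routed to one of the long-form branches, and the `0x80 | 1` line at the top of the hunk is the sole hint of that invariant; most of the branch chain sits above the hunk. A comment at the cast would record it: `/* len <= 0x7f here: anything larger took a long-form branch above. */`. The `(uint8_t)len` in the later loop is a deliberate low-byte truncation backed by the `len != 0` check after the loop, which is worth distinguishing from this lossless cast in a short comment as well. CBB_flush begins and ends outside these hunks.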
--- a/crypto/cipher/e_ssl3.c
+++ b/crypto/cipher/e_ssl3.c
@@ -263,10 +263,10 @@ static int aead_ssl3_open(const EVP_AEAD_CTX *ctx, uint8_t *out,
   total += len;
   assert(total == in_len);
 
-  /* Remove CBC padding and MAC. This would normally be timing-sensitive, but SSLv3 CBC
-   * ciphers are already broken. Support will be removed eventually.
+  /* Remove CBC padding and MAC. This would normally be timing-sensitive, but
+   * SSLv3 CBC ciphers are already broken. Support will be removed eventually.
    * https://www.openssl.org/~bodo/ssl-poodle.pdf */
-  unsigned data_len;
+  size_t data_len;
   if (EVP_CIPHER_CTX_mode(&ssl3_ctx->cipher_ctx) == EVP_CIPH_CBC_MODE) {
     unsigned padding_length = out[total - 1];
     if (total < padding_length + 1 + mac_len) {
diff --git a/crypto/ecdh/ecdh.c b/crypto/ecdh/ecdh.c
index 4a1964a0..37a67b21 100644
--- a/crypto/ecdh/ecdh.c
+++ b/crypto/ecdh/ecdh.c
@@ -66,6 +66,7 @@
 
 #include
 
+#include
 #include
 
 #include
@@ -142,7 +143,12 @@ int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
     memcpy(out, buf, outlen);
   }
 
-  ret = outlen;
+  if (outlen > INT_MAX) {
+    OPENSSL_PUT_ERROR(ECDH, ERR_R_OVERFLOW);
+    goto err;
+  }
+
+  ret = (int)outlen;
 
 err:
   OPENSSL_free(buf);
diff --git a/crypto/obj/obj.c b/crypto/obj/obj.c
index 16d964c5..65366ebb 100644
--- a/crypto/obj/obj.c
+++ b/crypto/obj/obj.c
@@ -215,10 +215,14 @@ int OBJ_obj2nid(const ASN1_OBJECT *obj) {
 }
 
 int OBJ_cbs2nid(const CBS *cbs) {
+  if (CBS_len(cbs) > INT_MAX) {
+    return NID_undef;
+  }
+
   ASN1_OBJECT obj;
   memset(&obj, 0, sizeof(obj));
   obj.data = CBS_data(cbs);
-  obj.length = CBS_len(cbs);
+  obj.length = (int)CBS_len(cbs);
   return OBJ_obj2nid(&obj);
 }
 
diff --git a/crypto/poly1305/poly1305.c b/crypto/poly1305/poly1305.c
index dc2d6a68..5e368020 100644
--- a/crypto/poly1305/poly1305.c
+++ b/crypto/poly1305/poly1305.c
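Review bot: `padding_length` is taken straight from the last ciphertext byte and is only checked against `total`, so a padding claim of up to 255 bytes is accepted, whereas SSL 3.0 requires the padding length to be less than the cipher's block length; unless the code after the hunk bounds it, extending the rejection to `padding_length >= EVP_CIPHER_CTX_block_size(&ssl3_ctx->cipher_ctx)` would match the spec and the "remove CBC padding" intent stated in the comment. Widening `data_len` to `size_t` is the right direction, since `total` is a `size_t` and the subtraction that presumably follows would otherwise narrow again. The rest of aead_ssl3_open, including any earlier minimum-length check that guarantees `total >= 1` for the `out[total - 1]` read, is outside the hunk.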
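Review bot: The new `outlen > INT_MAX` check runs after the shared secret has already been derived and copied into `out` (the `memcpy(out, buf, outlen)` just above it, and the KDF branch before the hunk), so on this error path the caller's buffer is filled with key material while the function reports failure. Rejecting an oversized `outlen` at the top of ECDH_compute_key, before any point multiplication, avoids both the wasted work and the write-then-fail: `if (outlen > INT_MAX) { OPENSSL_PUT_ERROR(ECDH, ERR_R_OVERFLOW); return -1; }`, or `goto err` if `ret` is already initialised to the failure value at that point. The function prologue is outside the hunk, so which form fits is for the author to confirm.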
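Review bot: The new early return maps an over-long encoding to `NID_undef` without saying why `INT_MAX` is the threshold; `obj.length` being an `int` is only visible indirectly through the cast below. A comment would make the guard self-explanatory: `/* ASN1_OBJECT stores its length as an int; no known OID is remotely this long. */`. Whether a silent `NID_undef` (no error pushed) is consistent with how OBJ_obj2nid treats unrecognised objects cannot be seen here, since that function's body is above the hunk.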
@@ -217,9 +217,9 @@ void CRYPTO_poly1305_update(poly1305_state *statep, const uint8_t *in,
 #endif
 
   if (state->buf_used) {
-    unsigned int todo = 16 - state->buf_used;
+    unsigned todo = 16 - state->buf_used;
     if (todo > in_len) {
-      todo = in_len;
+      todo = (unsigned)in_len;
     }
     for (i = 0; i < todo; i++) {
       state->buf[state->buf_used + i] = in[i];
@@ -245,7 +245,7 @@ void CRYPTO_poly1305_update(poly1305_state *statep, const uint8_t *in,
     for (i = 0; i < in_len; i++) {
       state->buf[i] = in[i];
     }
-    state->buf_used = in_len;
+    state->buf_used = (unsigned)in_len;
   }
 }
 
diff --git a/crypto/rand/windows.c b/crypto/rand/windows.c
index de9f4d95..07e7dd83 100644
--- a/crypto/rand/windows.c
+++ b/crypto/rand/windows.c
@@ -39,7 +39,7 @@ void CRYPTO_sysrand(uint8_t *out, size_t requested) {
   while (requested > 0) {
     ULONG output_bytes_this_pass = ULONG_MAX;
     if (requested < output_bytes_this_pass) {
-      output_bytes_this_pass = requested;
+      output_bytes_this_pass = (ULONG)requested;
     }
     if (RtlGenRandom(out, output_bytes_this_pass) == FALSE) {
       abort();
diff --git a/include/openssl/stack.h b/include/openssl/stack.h
index 16b9f4f6..6f53b0a4 100644
--- a/include/openssl/stack.h
+++ b/include/openssl/stack.h
@@ -100,7 +100,7 @@ typedef struct stack_st {
   void **data;
   /* sorted is non-zero if the values pointed to by |data| are in ascending
    * order, based on |comp|. */
-  size_t sorted;
+  int sorted;
   /* num_alloc contains the number of pointers allocated in the buffer pointed
    * to by |data|, which may be larger than |num|. */
   size_t num_alloc;
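Review bot: `todo` keeps a type narrower than `in_len`, which is why it now needs the `(unsigned)` cast, whereas the same commit resolves the e_ssl3.c warning by widening `data_len` to `size_t`; declaring `size_t todo = 16 - state->buf_used;` here would let `todo = in_len;` stand uncast and remove the mixed-width comparison in `todo > in_len`. The cast as written is lossless, since it only executes when `in_len < todo <= 16`. Renaming `unsigned int` to `unsigned` is purely cosmetic and does not affect the warning. The loop index `i` and the declaration of `state->buf_used` are outside the hunk.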
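Review bot: `sorted` is a member of `struct stack_st` in a public header, so narrowing it from `size_t` to `int` changes the struct's size and the offset of `num_alloc` on LP64 targets; code outside the tree that allocates or embeds the struct directly must be rebuilt, and the commit message does not mention the layout change. A sentence in the description, or a comment in the header stating that the struct layout is not ABI-stable, would keep this from being mistaken for a pure warning fix. Given the comment describes `sorted` as a non-zero flag, the narrower type itself looks safe for the values stored in it.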